问题描述
我正在使用DotNetOpenAuth的OAuth2库来处理与另一个第三方系统的授权。一切正常,除了第三方系统在响应中返回带有AccessToken的UserId = testname。
I'm using DotNetOpenAuth's OAuth2 library to handle authorization with another third party system. It all works great, except that the third party system is returning the UserId="testname" in the Response with the AccessToken.
我需要该UserId,因为此第三方API要求将其作为API调用的一部分(例如:users / {userId} / account)。
I need that UserId because this third party API requires it as part of their API calls (ex: users/{userId}/account).
使用DotNetOpenAuth,我无权访问AccessToken响应,所以我
Using DotNetOpenAuth, I don't have access to the AccessToken response so I can't get the UserId out.
我正在打电话:(_client是WebServerClient)
var state = _client.ProcessUserAuthorization(request);
I'm calling: (_client is a WebServerClient)var state = _client.ProcessUserAuthorization(request);
状态有我的AccessToken,但没有向下发送的多余数据。根据DotNetOpenAuth源代码,用户ID进入库中,而我没有任何访问权限。
state has my AccessToken, but not the extra data sent down. Based on the DotNetOpenAuth source code the UserId came in inside the library and I don't have any access.
是否可以使用DotNetOpenAuth将用户ID删除?还是我需要放弃DotNetOpenAuth并尝试其他方法?
Is there anyway to get that UserId out using DotNetOpenAuth? Or do I need to abandon DotNetOpenAuth and try something else?
推荐答案
您可以通过实现<$ c $来访问请求和响应数据c> IDirectWebRequestHandler 并将其分配给 Channel 。但是在DNOA的当前实现中,让它起作用的唯一方法是将代理模式应用于现有的 UntrustedWebRequestHandler 类,这是因为此特定处理程序传递了一个 CachedDirectWebResponse ,它具有可以多次读取的响应流-一次由您的代码检索其他数据,然后由下游代码传送至 ProcessUserAuthorization()。
You can access request and response data by implementing IDirectWebRequestHandler and assigning it to Channel. But with current implementation of DNOA, the only way I got it to work is by applying proxy pattern to an existing UntrustedWebRequestHandlerclass, this is because this particular handler passes a CachedDirectWebResponse, which has a response stream that could be read multiple times - once by your code to retrieve additional data, and later by downstream code to ProcessUserAuthorization().
这是自定义 IDirectWebRequestHandler 的代码:
public class RequestHandlerWithLastResponse : IDirectWebRequestHandler
{
private readonly UntrustedWebRequestHandler _webRequestHandler;
public string LastResponseContent { get; private set; }
public RequestHandlerWithLastResponse(UntrustedWebRequestHandler webRequestHandler)
{
if (webRequestHandler == null) throw new ArgumentNullException( "webRequestHandler" );
_webRequestHandler = webRequestHandler;
}
public bool CanSupport( DirectWebRequestOptions options )
{
return _webRequestHandler.CanSupport( options );
}
public Stream GetRequestStream( HttpWebRequest request )
{
return _webRequestHandler.GetRequestStream( request, DirectWebRequestOptions.None );
}
public Stream GetRequestStream( HttpWebRequest request, DirectWebRequestOptions options )
{
return _webRequestHandler.GetRequestStream( request, options );
}
public IncomingWebResponse GetResponse( HttpWebRequest request )
{
var response = _webRequestHandler.GetResponse( request, DirectWebRequestOptions.None );
//here we actually getting the response content
this.LastResponseContent = GetResponseContent( response );
return response;
}
public IncomingWebResponse GetResponse( HttpWebRequest request, DirectWebRequestOptions options )
{
return _webRequestHandler.GetResponse( request, options );
}
private string GetResponseContent(IncomingWebResponse response)
{
MemoryStream stream = new MemoryStream();
response.ResponseStream.CopyTo(stream);
stream.Position = 0;
response.ResponseStream.Position = 0;
using (var sr = new StreamReader(stream))
{
return sr.ReadToEnd();
}
}
}
这就是我们的申请方式它并获取响应数据:
And this is how we apply it and get response data:
var h = new RequestHandlerWithLastResponse(new UntrustedWebRequestHandler()); ;
_client.Channel.WebRequestHandler = h;
var auth = _client.ProcessUserAuthorization( request );
//convert response json to POCO
var extraData = JsonConvert.DeserializeObject<MyExtraData>( h.LastResponseContent );
这篇关于DotNetOpenAuth OAuth2访问额外的数据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!